6 Commits

Author SHA1 Message Date
Sunil Mohan Adapa
67fd747588
firewall, networks, storage: Drop polkit pkla files
Closes: Debian bug #1093065.

These files were only present to serve polkit = 105 in Debian bullseye.
Alternate files .rules are already being shipped for polkit > 105.

Tests:

- Install infinoted and enable/disable firewalld. infinoted ports have been
enabled/disabled in the firewall as noticed using firewall-cmd.

- Creating/deleting network manager connections works well. nmcli shows the
updates.

- Add backup location page shows list of disks properly.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
2025-01-24 11:40:36 +02:00
Sunil Mohan Adapa
40eecb6446
*: Move modules-enabled files to /usr/share
- This will leave /etc/{plinth,freedombox} empty by default making service more
robust to run across various environments and situations. See systemd's
explanation for more details.

- Use Debian maintainer scripts to remove all the existing files in
/etc/plinth/modules-enabled.

- Read from /usr/share/freedombox/modules-enabled then from
/etc/plinth/modules-enabled and finally from /etc/freedombox/modules-enabled.
Later read ones override previously read files. Any file pointing to /dev/null
will mean the module must be ignored.

Tests:

- Clean up /etc/plinth, /etc/freedombox and
/usr/share/freedombox/modules-enabled. Run service and notice that files are
getting loaded from development folder using a debug message.

- Run setup.py and notice that files get installed in
/usr/share/freedombox/modules-enabled/ and in the next run they get loaded from
there.

- Create an override file in /etc/plinth/modules-enabled/transmission and notice
that the overridden file gets priority over the one in
/usr/share/freedombox/modules-enabled.

- Link the file /etc/plinth/modules-enabled/transmission to /dev/null and notice
that it is not loaded.

- Create another file in /etc/freedombox/modules-enabled/transmission and notice
that it overrides the previous two files.

- All affected modules are loaded.

- Build a new Debian package and ensure that upgrading 23.8 to new version
removes all configuration files.

- Build developer documentation and test that Tutorial -> Full Code and Tutorial
-> Skeleton sections have been updated with references to
-.../modules-enabled/... paths.

- Install quassel and notice that certificates were copied to /var/lib/quassel
directory. Change domain to another domain and notice that certificates were
copied again to that directory.

Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2023-05-13 07:08:43 -04:00
Sunil Mohan Adapa
4bf347dbe3
firewall: Introduce component for local service protection
- Automatically handle a setup of the component getting added to an existing
app.

Tests:

- Run unit tests

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2022-12-05 20:46:49 -05:00
Sunil Mohan Adapa
2361c9e0b6
firewalld: Add polkit JS authority rules files
This should help with FreedomBox getting authorizations to access firewalld
D-Bus API for polkit versions > 0.105 where polkit local authority is not
available.

Helps #1728.

Tests performed:

- Install policykit-1 version 0.105. Something like apt install
policykit-1=0.105-26 libpolkit-agent-1-0=0.105-26 libpolkit-gobject-1-0=0.105-26

  - Visit privoxy page. See internal networks warning with all the interfaces
  listed properly.

  - Visit firewalld page, view list of apps and services properly.

  - Enable privoxy, see the port opened in firewalld page.

  - Disable privoxy, see the port closed in firewalld page.

  - Run diagnostics for privoxy, see that ports' diagnostics results pass.

- Add Debian experimental to /etc/apt/sources.list. apt update. Then install
policykit-1 version 0.116. apt install -t experimental policykit-1.

  - Repeat all above tests.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
2020-03-06 15:47:20 +02:00
Sunil Mohan Adapa
92f6f8723c
firewall: Use firewalld DBus API for most operations
- Significantly reduce the time taken to perform the operations in the following
  cases:

  - Enable/disable an app

  - list services in firewall page

  - Load app page when interfaces belonging to internal zone need to be shown

  - First run setup of FreedomBox

- Install a polkit local authority configuration file to allow FreedomBox
service to perform: information queries and configuration changes.

- Drop unused actions.

- Alter the template for showing firewall port information since port/protocol
pairs are no longer pre-formatted.

- Handle errors when trying to get ports details of an unknown service.

Tests performed:

- Enable/disable an app. Ensure with firewall-cmd that ports are added/removed
properly.

- Temporarily modify code to call add_service() and remove_service() twice in a
row. Perform enable/disable operations and ensure that there are no errors
thrown to test that add/remove services operations are idempotent.

- Visit the firewalld page and see the current state is reflected properly.

- Visit an app that shows the list of interfaces in firewall zone. Internal
interfaces should be listed properly.

- Reset the installed version of firewall app and disable all firewall services.
Start FreedomBox and ensure that when setup is re-run, default ports (http,
https, dns and dhcp) are opened properly. Run again but with ports already
enabled to check that the setup operation is idempotent.

- Visit diagnostics of an app that uses firewall components and see that ports
are listed properly in the port diagnostic test result.

- Remove some needed services such as those in /etc/firewalld/services and try
to visit the firewalld page. The page should show blank details against the
affected services.

Reviewed-by: Veiko Aasa <veiko17@disroot.org>
2020-02-18 17:09:50 +02:00
Sunil Mohan Adapa
fdcbd46513
setup: Move app enabling files to respective apps
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-03-17 16:20:54 -04:00
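
The layered lookup described in commit 40eecb6446 (read /usr/share/freedombox/modules-enabled, then /etc/plinth/modules-enabled, then /etc/freedombox/modules-enabled, with a link to /dev/null masking a module) can be sketched as follows. This is an added example, not FreedomBox's own code: the function names and the file contents are assumptions, and the directory tree is constructed under a temporary directory.

```python
import os
import tempfile
from pathlib import Path

# Search order from the commit message, lowest priority first.
LAYERS = (
    '/usr/share/freedombox/modules-enabled',
    '/etc/plinth/modules-enabled',
    '/etc/freedombox/modules-enabled',
)


def is_masked(path: Path) -> bool:
    """True if the entry resolves to /dev/null, i.e. the module is ignored."""
    try:
        return path.samefile(os.devnull)
    except OSError:  # dangling symlink or unreadable entry is not a mask
        return False


def resolve_modules(root: Path = Path('/'), layers=LAYERS) -> dict:
    """Hypothetical helper: map module name -> effective file, None if masked."""
    effective = {}
    for layer in layers:
        directory = root / layer.lstrip('/')
        if not directory.is_dir():
            continue
        for entry in sorted(directory.iterdir()):
            if is_masked(entry):
                effective[entry.name] = None   # later layer masks earlier file
            elif entry.is_file():
                effective[entry.name] = entry  # later layer overrides earlier
    return effective


def demo() -> dict:
    """Resolve a constructed tree that mirrors the tests in the commit."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        usr, plinth, fbx = (root / layer.lstrip('/') for layer in LAYERS)
        for directory in (usr, plinth, fbx):
            directory.mkdir(parents=True)
        for name in ('transmission', 'quassel', 'privoxy'):
            (usr / name).write_text(f'plinth.modules.{name}\n')  # constructed
        (plinth / 'transmission').symlink_to(os.devnull)  # masked here ...
        (fbx / 'transmission').write_text('plinth.modules.transmission\n')  # ... re-enabled
        (plinth / 'quassel').symlink_to(os.devnull)       # stays masked
        return {name: (str(path.relative_to(root)) if path else None)
                for name, path in resolve_modules(root).items()}
```

Running `demo()` shows which layer is effective for each module, which is the view an administrator needs when auditing local overrides under /etc.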